Search  English (United States) Hrvatski (Hrvatska)

innovative promotional partnershipICT for a Smart and Green Present and Future

MIPRO 2022 - 45th Jubilee International Convention

ISS - Information Systems Security

Tuesday, 5/24/2022 10:00 AM - 1:30 PM, Collegium, Grand hotel Adriatic, Opatija

Hybrid Event

Event program
Tuesday, 5/24/2022 10:00 AM - 1:30 PM,
Collegium, Grand hotel Adriatic, Opatija
10:00 AM - 1:30 PMPapers 
1.J. Valacich (University of Arizona, Tucson, United States), J. Jenkins (Brigham Young University , Provo, United States), D. Čišić (University of Rijeka , Rijeka, Croatia)
Digital Behavioral Biometrics and Privacy: Methods for Improving Business Processes without Compromising Customer Privacy 
To enable people to interact with online websites and systems, browsers capture a variety of events that occur on the page—such as how a person is moving the computer mouse, what a person clicks on, what a person types, and whether a person is scrolling. These events represent a user’s behavior on a page, referred to as the DOM or Document Object Model, and are recorded at a millisecond precision rate (e.g., the exact millisecond timestamp when a key goes down and when it comes back up). Research and practice alike have found that these behavioral events can provide powerful insight into the users’ experience, such as whether users are frustrated, and even help distinguish between legitimate and fraudulent users. In this paper, we present six best practices for responsibly collecting these digital behavioral biometric data to help protect user privacy as well as encourage proper interpretation. For each principle, we discuss its rationale and practical application.
2.I. Volarevic, M. Tomic (Tehnički fakultet u Rijeci, Rijeka, Croatia)
Network Forensics 
Network firewalls and intrusion detection and prevention devices or software are crucial parts of today's networks. However, security breaches still can and do happen. They can originate from malicious users of on-site devices or any other point in local or remote networks. Often, a single compromised host is a source of further and more devastating attacks. After a breach occurs, or there is a reasonable doubt that it occurred, it is important to perform forensic analysis. The analysis could potentially discover the type of the attack, how long did it last, a range of affected hosts, the scale of the attack or, sometimes, even the intruders. In this paper, we explore a network forensic analysis workflow, evidence collection and analysis steps. We present a common analysis tools and their usage and perform an example analysis based on a real world packet captures and intrusion detection systems logs, following a successful security measures breach and host infection.
3.A. Aliti (South East European University, Tetovo, Macedonia), E. Leka (Polytechnic University of Tirana, Tirane, Albania), A. Luma, M. Apostolova Trpkovska (South East European University, Tetovo, Macedonia)
A Systematic Literature Review on Using Blockchain Technology in Public Administration 
Blockchain technology promises that it can transform completely modern society and its applications in the near future. Its main characteristics could change activities that are related to public politics and services, such as administrative processes, security, privacy, transparency, integrity, and confidentiality. The citizens concern about the potential risks, that are mainly related to data security, respectively documents falsification in a corrupted and non-transparent government. Blockchain technology has the potential to play a critical role in the digitalization of the public sector, not only in terms of administrative efficiency, but also in terms of increasing trust, transparency, and accessibility of services. Blockchain-based solutions facilitate citizen-government collaboration by safely streamlining and automating procedures while maintaining privacy and secrecy. In this paper, we conducted a systematic literature review with 32 primary studies, to better understand the adaption of blockchain in public administration. We intend to address one of the Informatics Society's major concerns: the data security of thousands of individuals and the inviolability of citizen databases. The adoption of blockchain in public administration would enable decentralization of procedures and provide citizens with a transparent and secure management system for their data. Meanwhile the research shows that the use of Blockchain to automate public administration operations will speed up dozens of procedures, allowing the government to move away from the concept of "bureaucracy" and toward a more efficient administration that resolves and streamlines its processes. Furthermore, we identified gaps and future trends to support researchers in this domain.
4.I. Fosić (HEP-Telekomunikacije d.o.o., Osijek, Croatia), D. Žagar, K. Grgić (Faculty of Electrical Engineering, Computer Science and Information Technologies Osijek, Osijek, Croatia)
Network Traffic Verification Based on a Public Dataset for IDS Systems and Machine Learning Classification Algorithms 
One method of monitoring network traffic is to detect anomalies where the primary goal is to distinguish normal from abnormal network traffic. In this research we used classification algorithm with best result with public IDS (Intrusion Detection System) dataset on real network dataset. NetFlow data collected from network devices are a good source of input for machine learning classification algorithms that can identify anomalies with high certainty based on known data flows. In this paper, several machine learning classification algorithms (Random Forest, KNearest Neighbors, Naive Bayes and Support Vector Machines) were used, for recognizing nine types of network attacks (traffic anomalies) classified in UNSW-NB15 dataset. The collected NetFlow data of real traffic on network devices and simulated network attacks were tested on a proposed machine learning model to determine the success of detecting security incidents. F2 and AUC (Area under the ROC curve) scores were used to measure the performance of classification algorithms, as UNSW-NB15 is a highly unbalanced learning dataset. In both classification of reference dataset and dataset of real traffic the best result achieved Random Forest algorithm with AUC sore of 97% and 95%.
5.D. Delija, D. Sudec, G. Sirovatka, M. Žagar (Zagreb University of Applied Sciences, Zagreb, Croatia)
How to Do a Forensic Analysis of Android 11 Artifacts 
This paper compares the results obtained using several forensic tools on various devices running the Android 11 operating system. New and old functionalities of Andriod 11 store a vast volume of raw data and important forensic artifacts on mobile devices. The amount and type of data found on mobile devices demand further development of mobile forensics procedures. This development should be based on the streamlined procedures for the existing forensic to obtain more useful forensic artifacts. This means not using only one forensic tool, but combining results from multiple forensic tools in the analysis phase, after the data acquisition from Android 11 devices. The used forensic tools are Belkasoft Evidence Center X, Autopsy, and ALEAPP, with results presented and compared. The collected digital evidence shows the combined results are more substantial than the sum of particular ones.
6.T. Velki (J.J. Strossmayer University of Osijek/ Faculty of Education, Osijek, Croatia)
Psychologists as information-communication system users: Is this bridge between information-communication and behavioral science enough to prevent risky online behaviors? 
The research aimed to examine the awareness and behavior of psychologists as information-communication systems users, i.e., experts in the field of behavioral sciences with some work experience in the Internet security area. Participants were 55 employed psychologists. They completed an online Behavioral-Cognitive Internet Security Questionnaire. The results showed that a large number of psychologists show risky online behaviors: 40% left their e-mail addresses, and 45.5% gave their passwords. Previous education did not affect either user awareness or user behavior. No statistically significant association was obtained between self-assessed and simulated risk behavior. Furthermore, results showed statistically significantly more simulating risky behavior than reported self-assessed risky behavior (t=6.68; p<0.01). Psychologists are also more aware of the importance of data storage in relation to the potential risks of their alienation (t=4.57; p<0.01). Obviously, previous education and the current level of information security awareness are insufficient to prevent risky online behaviors even of well-informed users. Moreover, what users report about their online behavior is inconsistent with their actual behavior, leading to the need to develop additional simulation scales to measure computer users’ actual risk behaviors and new prevention programs to increase online risk awareness.
7.S. Bradić, D. Delija, G. Sirovatka, M. Žagar (Zagreb University of Applied Sciences, Zagreb, Croatia)
Creating Own NFT Token Using erc721 Standard and Solidity Programming Language 
Blockchain as a technology in recent years is increasingly mentioned as a technology that will dominate in the future, through various industries. The paper analyzes in which industries blockchain can be an advantage, how it can improve them and make the user experience better and more secure. Blockchain also carries with it potential "threats" related to the way data is stored, so the most common possible ways of damaging the blockchain are analyzed. In the practical part of the paper, article describes how the reader can independently make an NFT token based on the ERC721 standard Ethereum blockchain and how to set it on the blockchain and distribute, and potentially one can make money on it, which is another case of using the blockchain.
8.D. Gernhardt (Croatian Military Academy "Dr. Franjo Tuđman", University of Zagreb, Zagreb, Croatia), S. Groš (Faculty of Electrical Engineering and Computing, University of Zagreb, Zagreb, Croatia)
Use of a Non-Peer Reviewed Sources in Cyber-Security Scientific Research 
Most publicly available data on cyber incidents comes from private companies and non-academic sources. Common sources of information include various security bulletins, white papers, reports, court cases, and blog posts describing specific events, often from a single point of view, followed by occasional academic sources, usually conference proceedings. The main characteristics of the available data sources are: lack of peer review and unavailability of confidential data. In this paper, we use an indirect approach to identify trusted sources used in scientific work. We analyze how top-rated peer reviewed literature relies on the use of non-peer reviewed sources on cybersecurity incidents. To identify current non-peer reviewed sources on cybersecurity we analyze references in top rated peer reviewed computer security conferences. We also analyze how non-peer reviewed sources are used, to motivate or support research. We examined 808 articles from top conferences in field of computer security. The result of this work are list of the most commonly used non-peer reviewed data sources and information about the context in which this data is used. Since these sources are accepted in top conferences, other researchers can consider them in their future research. To the best of our knowledge, analysis on how non-peer reviewed sources are used in cyber-security scientific research has not been done before.
9.I. Kovačević, B. Štengl, S. Groš (University of Zagreb Faculty of Electrical Engineering and Computing, Zagreb, Croatia)
Systematic Review of Automatic Translation of High-Level Security Policy into Firewall Rules 
Firewalls are security devices that perform network traffic filtering. They are ubiquitous in the industry and are a common method used to enforce organizational security policy. Security policy is specified on a high level of abstraction, with statements such as “web browsing is allowed only on workstations inside the office network”, and needs to be translated into low-level firewall rules to be enforceable. There has been a lot of work regarding optimization, analysis and platform independence of firewall rules, but an area that has seen much less success is automatic translation of high level security policies into firewall rules. In addition to improving rules’ readability, such translation would make it easier to detect errors. This paper surveys of over twenty papers that aim to generate firewall rules according to a security policy specified on a higher level of abstraction. It also presents an overview of similar features in modern firewall systems. Most approaches define specialized domain languages that get compiled into firewall rule sets, with some of them relying on formal methods, ontology, or graphical models. The approaches’ have improved over time, but there are still many drawbacks that need to be solved before wider application.
10.A. Komadina, M. Marović, S. Groš (Faculty of Electrical Engineering and Computing, Zagreb, Croatia)
Detecting Network Applications Using Firewall Logs 
Every day, many firewall logs are generated that contain a lot of useful information about devices and applications in the network. In this paper, we try to detect network applications using only data in firewall logs. Detection of such applications could be used for audit, gaining a better visibility into the network, and to create better firewall policies. Two approaches were implemented for network application detection, one based on the classification methods and the other based on distances between samples using three different metrics. The methods we experimented with were based on ports and IP addresses only. The analysis of ports was done to reduce the number of different ports used as features for classification. In addition to the methods implemented, a measure of certainty was developed based on the number of different ports used for classification. Based on the partial knowledge of the target environment, the methods were continuously improved, from which conclusions were drawn and results presented. In reviewing the results, an analysis of the results of the two approaches was carried out. The approaches were compared based on the advantages and disadvantages of each approach in terms of the information they provide.

Basic information:

Stjepan Groš (Croatia), Tonimir Kišasondi (Croatia), Mario Spremić (Croatia)

Registration / Fees:
Price in EUR
Up to 9 
May 2022
From 10 
May 2022
Members of MIPRO and IEEE
Students (undergraduate and graduate), primary and secondary school teachers

The discount doesn't apply to PhD students.


Stjepan Gros
University of Zagreb
Faculty of Electrical Engineering and Computing
Unska 3
HR-10000 Zagreb, Croatia


The best papers will get a special award.
Accepted papers will be published in the ISSN registered conference proceedings. Presented papers in English will be submitted for inclusion in the IEEE Xplore Digital Library.
There is a possibility that the selected scientific papers with some further modification and refinement are being published in the following journals: Journal of Computing and Information Technology (CIT)MDPI Applied ScienceMDPI Information JournalFrontiers and EAI Endorsed Transaction on Scalable Information Systems.


Opatija is the leading seaside resort of the Eastern Adriatic and one of the most famous tourist destinations on the Mediterranean. With its aristocratic architecture and style, Opatija has been attracting artists, kings, politicians, scientists, sportsmen, as well as business people, bankers and managers for more than 170 years.

The tourist offer in Opatija includes a vast number of hotels, excellent restaurants, entertainment venues, art festivals, superb modern and classical music concerts, beaches and swimming pools – this city satisfies all wishes and demands.

Opatija, the Queen of the Adriatic, is also one of the most prominent congress cities in the Mediterranean, particularly important for its ICT conventions, one of which is MIPRO, which has been held in Opatija since 1979, and has attracted more than a thousand participants from over forty countries. These conventions promote Opatija as one of the most desirable technological, business, educational and scientific centers in South-eastern Europe and the European Union in general.

For more details, please visit and

News about event
Currently there are no news
Patrons - random
UNIPUT-HT ZagrebHEP ZagrebSveučilište u ZagrebuSveučilište u Rijeci